Find projects with XSS issues

The find_xss.rb cycles through all recent projects to locate those that have XSS issues in them.

The meat of the script is the following loop:

recent_projects.each do |project|
  with_scope(project) do
    issue_library = Node.issue_library
    Issue.where(node_id: issue_library.id).each do |issue|
      if issue.title =~ /XSS/i
        puts "* Project #{project.name} has '#{issue.title}'"
        break
      end
    end
  end
end

We cycle through each of the recent projects. For each of them we gather all the issues with the following line:

Issue.where(node_id: issue_library.id)

And match each Issue's #title with the /XSS/ regular expression.

InfoSec project delivery 5-day crash course

Learn innovative, actionable techniques and approaches for reducing the overhead that drags down InfoSec project delivery. You’ll learn how to optimize:

  • Scoping
  • Scheduling
  • Project Planning
  • Delivery
  • Intra-team Collaboration
  • Reporting and much more...

Your email is kept private. We don't do the spam thing.